[cifs-protocol] RE: (more) Backing store for Trusted domain object creation time and flags

Richard Guthrie rguthrie at microsoft.com
Thu Oct 30 14:22:08 GMT 2008


Andrew,

The structure LSA_FOREST_TRUST_RECORD contains data that is stored in Active Directory in the attribute msds-ForestTrustForestInfo on the trusted domain object.  This attribute and its layout are documented in MS-ADTS section 7.1.6.9.3.  I have attached a parse of this value from a test environment as an example.  I have included section 7.1.6.9.3 from the latest MS-ADTS document as well.  This text will be provided online in a future release.

I want to point out an issue that is still under review so you are aware and will update you with the final outcome.  If you look at the parse of this data structure you will notice that RecordLen shows 73 bytes.  This appears to not count the RecordLen bytes even though they are listed as part of the Record structure in MS-ADTS.  This is under investigation and I will update you with the final outcome as well as any update to the document if required.

Please let us know if you have any questions.

Richard Guthrie
Open Protocols Support Team
Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM
Tel: +1 (469) 775-7794
E-mail: rguthrie at microsoft.com




-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Monday, October 13, 2008 4:00 AM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: (more) Backing store for Trusted domain object creation time and flags

In 2.2.69 LSA_FOREST_TRUST_RECORD it states:

typedef struct _LSA_FOREST_TRUST_RECORD {
  unsigned long Flags;
  LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType;
  LARGE_INTEGER Time;

Time: The date and time when this entry was created. It is a 64-bit value that represents the
  number of 100-nanosecond intervals since January 1, 1601, UTC.

I presume this is just the whenCreated attribute on this record, but no link is made.

However, I'm more puzzled by the 'Flags' - where does this come from (in terms of LDAP attributes)?

Thanks,

Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SRX081013600072.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 11597 bytes
Desc: SRX081013600072.docx
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20081030/c9cd4b5f/SRX081013600072-0001.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SRX081013600072.pdf
Type: application/pdf
Size: 126358 bytes
Desc: SRX081013600072.pdf
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20081030/c9cd4b5f/SRX081013600072-0001.pdf
-------------- next part --------------
01 00 00 00 01 00 00 00 49 00 00 00 01 00 00 00 2D 39 C9 01 B9 62 4A 1F 02 18 00 00 00 01 04 00 00 00 00 00 05 15 00 00 00 0A 00 00 00 10 00 00 00 31 00 00 00 0C 00 00 00 54 65 73 74 44 6F 6D 61 69 6E 31 33 0C 00 00 00 54 65 73 74 44 6F 6D 61 69 6E 31 33
-------------- next part --------------
A non-text attachment was scrubbed...
Name: [MS-ADTS] 7.1.6.9.3.pdf
Type: application/pdf
Size: 172221 bytes
Desc: [MS-ADTS] 7.1.6.9.3.pdf
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20081030/c9cd4b5f/MS-ADTS7.1.6.9.3-0001.pdf


More information about the cifs-protocol mailing list